新增 后端文件读写逻辑

onlinefs/controller/function.js

@@ -98,8 +98,34 @@ router.post('/rename', (req, res) => {
 });
 
 
+//文件内容读取路由
+router.post('/edit_read', (req, res) => {
+    const filename = (parseHandle(req.body))
+    if (!filename) return;
+    //没有经过安全的 UseFileOperate 进行安全操作
+    //必须经过目录越级漏洞防御
+    if (filename.indexOf('../') != -1 || filename.indexOf('./') != -1) return;
+    const cwd = req.session.fsos.cwd;
+    const fileOperate = new UseFileOperate(req.session.fsos).fileOperate;
+    const filedata = fileOperate.readFile(pathm.join(cwd, filename));
+    sendHandle(req, res, filedata.toString());
+});
+
+//文件内容写入路由
+router.post('/edit_write', (req, res) => {
+    const obj = (parseHandle(req.body))
+    if (!obj || !obj.filename || !obj.context) return
+    //没有经过安全的 UseFileOperate 进行安全操作
+    //必须经过目录越级漏洞防御
+    if (obj.filename.indexOf('../') != -1 || obj.filename.indexOf('./') != -1) return;
+    const cwd = req.session.fsos.cwd;
+    const fileOperate = new UseFileOperate(req.session.fsos).fileOperate;
+    fileOperate.writeFile(pathm.join(cwd, obj.filename), obj.context);
+});
 
 
+
+//解压路由
 router.post('/extract', (req, res) => {
     const zipName = (parseHandle(req.body))
     if (!zipName) {
@@ -172,4 +198,7 @@ router.get('/download/:name', (req, res) => {
 });
 
 
+
+
+
 module.exports = router;

onlinefs/module/fsoperate.js

@@ -167,6 +167,31 @@ class FileOperate extends BaseFileOperate {
         });
     }
 
+    writeFile(path, data) {
+        return this.pathAccessCheck(path, (absPath) => {
+            try {
+                fs.writeFileSync(absPath, data);
+                return fs.existsSync(absPath);
+            } catch (err) {
+                console.log("[错误]", "文件写出错:\n", err);
+                return false;
+            }
+        });
+    }
+
+    readFile(path) {
+        return this.pathAccessCheck(path, (absPath) => {
+            try {
+                if (fs.existsSync(absPath)) {
+                    return fs.readFileSync(absPath);
+                }
+            } catch (err) {
+                console.log("[错误]", "文件读出错:\n", err);
+                return false;
+            }
+        });
+    }
+
 
 }
 

public/onlinefs_public/css/app.a55e53b5.css

@@ -0,0 +1 @@
+.m-lmuem-items div{width:100%;color:#777;text-align:left;padding:6px 0 6px 14px;margin:0;border-bottom:1px solid #dcdcdc;cursor:pointer}.m-lmuem-items div:hover{background-color:#fbfbfb}.m-lmuem-items-title{font-size:16px;color:#000;padding-top:3px;padding-bottom:3px;display:block}.m-files-panel{overflow:hidden}.m-table th{background-color:#ececec}.m-table td,.m-table th{padding:8px;border-bottom:1px solid #dcdcdc}.m-table td{padding:4px 8px}.m-table tr:hover{background-color:#d4d4d4}.m-item-file-a-dir{color:#000;display:inline-block;width:100%}.m-item-file-a-file{color:#646464;display:inline-block;width:100%}#editor_box{z-index:11;height:100%;width:100%;position:fixed;top:0;bottom:0;left:0;right:0}.editor_wapper{border-radius:2px;overflow:hidden;zoom:1;position:relative;width:100%;max-width:920px;-webkit-box-shadow:#000 0 0 10px;box-shadow:0 0 10px #000;background-color:#f0f0f0;margin:auto;margin-top:45px;height:84%;min-height:400px;padding:8px}.editor_button{text-align:right}.editor_button>button{margin-left:8px;min-width:60px;line-height:16px}@media (max-width:992px){.editor_wapper{border-radius:0;width:100%;height:100%;margin-top:0}}#shady_box{position:fixed;top:0;left:0;right:0;bottom:0;background-color:#000;opacity:.62;width:100%;z-index:10}